Skip to content

Instantly share code, notes, and snippets.

@Antosik
Antosik / Internship.md
Last active January 22, 2026 01:34
IT Стажировки в Москве и России

Список IT стажировок и вакансий без опыта в Москве и России

  • Яндекс
    • Программы стажировок
      • Разработка (Python, C++, Java, Go, Kotlin, Scala, C, Flutter, фронтенд, DevOps, Android, iOS)
      • Анализ данных
      • Информационная безопасность
      • Тестирование
      • Менеджмент в IT
  • Бизнес
@magnetikonline
magnetikonline / README.md
Last active January 22, 2026 01:32
Setting Nginx FastCGI response buffer sizes.
@bolhasec
bolhasec / poc-CVE-2025-58360.yaml
Created November 26, 2025 11:23
POC for CVE-2025-58360
id: geoserver-wms-sld-xxe
info:
name: GeoServer WMS SLD XXE Detection
author: bolhasec
severity: medium
description: |
Attempts to exploit an XXE vulnerability via a StyledLayerDescriptor (SLD)
in a WMS GetMap POST request. A secure GeoServer instance should reject
entity resolution and return an error like "Entity resolution disallowed for file".
@bolhasec
bolhasec / yaml
Created February 19, 2024 17:33
Nuclei CVE-2023-46604 Template: Slightly modified template.
id: CVE-2023-46604
# original https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2023/CVE-2023-46604.yaml
# it doenst work well with list of targets, ie: nuclei -l ips-cabf861d-39b0-47ad-b949-c8230c998255.txt -t javascript/cves/2023/CVE-2023-46604.yaml -nh -vv -t 10
# sometime, using -t 10 improve the results
# using -debug shows the responses
info:
name: Apache ActiveMQ - Remote Code Execution
author: Ice3man,Mzack9999,pdresearch
severity: critical
@imran-parray
imran-parray / rm_unwanted_nuclei_templates.bash
Last active January 22, 2026 01:27
remove all info and low templates from Nuclei Temaplte Dir
find nuclei-templates -type f -name "*.yaml" -exec grep -q "severity: info" {} \; -exec rm {} \;
@nullenc0de
nullenc0de / External Penetration Testing Commands
Last active January 22, 2026 01:25
External Penetration Testing Commands
# External Penetration Testing Cheatsheet
## 1. Reconnaissance
### Cloud Enumeration
# Cloud Infrastructure Discovery
./cloud_enum.py -k somecompany
# Third Party Misconfigurations
@nullenc0de
nullenc0de / external_pentest.yaml
Created April 7, 2025 20:56
nerve run external.yaml --target "example.com"
agent: >
You are an expert penetration tester tasked with performing an external penetration test on a specified target (e.g., IP address or domain). Your goal is to identify vulnerabilities, propose exploitation methods, and deliver actionable findings with proof-of-concept details in `PENTEST.md`.
## Instructions
- Target external assets specified via {{ target }} (e.g., public IPs, domains).
- Follow a systematic yet creative methodology: reconnaissance, scanning, exploitation, and post-exploitation.
- Use available data (e.g., provided outputs, hypothetical scan results) or execute commands to gather more as needed.
- Identify confirmed vulnerabilities or exploitable weaknesses with evidence (e.g., tool outputs, HTTP responses).
- Avoid stopping at "nothing found"—if initial scans (e.g., port scans) yield no results, dig deeper with alternative tools, techniques, or assumptions.
- Prioritize high-impact vulnerabilities (e.g., remote code execution, privilege escalation, data exposure, aut
Name AD Attribute Description
Display Name displayName The name displayed when sending emails from the group, as well as, the GAL
Alias mailNickname Used by Exchange to find any local object with an e-mail address
Primary Email address proxyAddresses Primary email address of the group
Notes description Field to help people understand why the group exists
Hide this group from address lists msExchHideFromAddressLists Should the group be visible from the GAL
Owners managedBy The users who manage the group
Members member Who receives emails that are sent to the group
Group Membership Permissions msExchGroupJoinRestriction Permissions on who and how people can join the group
@SilenNaihin
SilenNaihin / transfer-context.md
Created January 13, 2026 22:45
Claude Code: Transfer Context command for new chat sessions

Transfer Context

Prepare context for a new chat session when this one is degraded or hitting limits.

Output Format

## Context Transfer

### Summary